Dismissing a media report about Aadhaar Enrolment Software being allegedly hacked as “completely incorrect” and “irresponsible”, the Unique Identification Authority of India (UIDAI) Tuesday said the claims made in the report “lack substance”, adding that “certain vested interests” are deliberately trying to create confusion in the minds of people.
“UIDAI hereby dismisses a news report appearing in social and online media about Aadhaar Enrolment Software being allegedly hacked as completely incorrect and irresponsible. The claims lack substance and are baseless. UIDAI further said that certain vested interests are deliberately trying to create confusion in the minds of people which is completely unwarranted,” the Aadhaar-issuing body stated in a series of tweets.
The response from UIDAI comes hours after a report in HuffPost India stated that the authenticity of the data stored in Aadhaar identity database has been compromised by a software patch that disables critical security features of the software used to enrol new Aadhaar users.
“Claims made in the report about Aadhaar being vulnerable to tampering leading to ghost entries in Aadhaar database by purportedly bypassing operators’ biometric authentication to generate multiple Aadhaar cards is totally baseless,” it said, pointing out that full measures are being taken to ensure end-to-end security of resident data.
The report claimed that the patch allows unauthorised persons to generate Aadhaar numbers at will from anywhere in the world. It also said the patch was analysed by three internationally reputed experts, and two Indian analysts.
Clarifying that no operator can make or update Aadhaar unless resident himself give his biometric, the UIDAI said: “Any enrolment or update request is processed only after biometrics of the operator is authenticated and resident’s biometrics is de-duplicated at the backend of UIDAI system.”
The UIDAI said that it matches all the biometric — 10 fingerprints and both iris — of a resident enrolling for Aadhaar with the biometrics of all Aadhaar holders before issuing an Aadhaar, and so the claims of introducing information into Aadhaar database were “completely unfounded”.
UIDAI has also advised the public to approach authorised Aadhaar enrolment centres in bank branches, post offices and Government offices to ensure that the enrolment/updation is done only on authorised machines